TudbuT/conduit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'no-identity-assertion-optional-auth' into 'next'

Browse source 
fix(appservices): don't perform identity assertion when auth is optional

Closes #430

See merge request famedly/conduit!641
This commit is contained in:
Matthias Ahouansou 2024-04-23 21:05:01 +00:00
commit 18f93ae8f3
1 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/api/ruma_wrapper/axum.rs
View file

@ -107,10 +107,7 @@ where
"Unknown access token.", "Unknown access token.",
)) ))
} }
( (AuthScheme::AccessToken, Token::Appservice(info)) => {
AuthScheme::AccessToken | AuthScheme::AccessTokenOptional,
Token::Appservice(info),
) => {
let user_id = query_params let user_id = query_params
.user_id .user_id
.map_or_else( .map_or_else(
@ -135,9 +132,12 @@ where
// TODO: Check if appservice is allowed to be that user // TODO: Check if appservice is allowed to be that user
(Some(user_id), None, None, true) (Some(user_id), None, None, true)
} }
(AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(_)) => { (
(None, None, None, true) AuthScheme::None
} | AuthScheme::AppserviceToken
| AuthScheme::AccessTokenOptional,
Token::Appservice(_),
) => (None, None, None, true),
(AuthScheme::AccessToken, Token::None) => { (AuthScheme::AccessToken, Token::None) => {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::MissingToken, ErrorKind::MissingToken,